Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Au secour, PC reboot svt tt seul !!!

mike80

Par mike80
dans Analyses et éradication malwares

 Partager

Messages recommandés

mike80 Member

mike80

Posté(e)
Posté(e)

Bonjour à tous,

J'ai un pc qui reboot tt seul ! Et souvent depuis quelques jours !

Depuis ces redémarrages intempestifs, il rame comme jamais depuis que je l'ai !

Quelqu'un peut-il m'aider ?

 

Voici le log de hijackthis :

 

Logfile of HijackThis v1.99.1

Scan saved at 13:33:23, on 17/10/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\MESSAG~1\StartMessager.exe

C:\Program Files\AVPersonal\AVGNT.EXE

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

C:\Program Files\Wanadoo\EspaceWanadoo.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE

C:\Program Files\AVPersonal\AVWUPSRV.EXE

C:\Program Files\ewido\security suite\ewidoctrl.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Wanadoo\ComComp.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\Program Files\Wanadoo\Watch.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [WOOKIT] C:\Program Files\Wanadoo\EspaceWanadoo.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Bloc Notes - {AF4F850B-68FF-404C-8417-549F86B1E236} - notepad.exe (file missing)

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{E31B106E-487B-4704-966C-75E52564111D}: NameServer = 80.10.246.130 80.10.246.3

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

----------------------------------------------------------------------------------------------

 

Tout est normal ou pas ?

 

merci de votre aide....

Lien vers le commentaire
Partager sur d’autres sites

Jack_Burton Godlike Member

Jack_Burton

Posté(e)
Posté(e) (modifié)

Salut mike,

 

Je viens de survoler ton rapport et je ne vois rien de douteux a 1ere vue!

Je vais regarder d un peu plus pres néanmoins!

 

Bon, je viens de bien regarder, a part des lignes superflues rien d infectueux sur ton rapport!

Tu peux fixer ces lignes inutiles pour optimisation :

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [WOOKIT] C:\Program Files\Wanadoo\EspaceWanadoo.exe

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Bloc Notes - {AF4F850B-68FF-404C-8417-549F86B1E236} - notepad.exe (file missing)

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe

 

 

Penses a désinstaller un antivirus, j en vois 2 sur ton rapport!

Edit : salut Charly :P

Modifié par Jack_Burton
Lien vers le commentaire
Partager sur d’autres sites
Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

salut mike,Jack :P

 

Cette ligne =>

 

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

 

montre qu'il y a quelques soucis sur ton pc, mais hijackthis ne montre rien d'infectieux,

 

tout au plus des inutiles à virer. Tu as deux antivirus!! Avant de virer Ewido de ton

 

pc, peut tu scanner en mode sans échec et poster un rapport(apres l'avoir mis à jour) ?

 

Un message d'erreur?

Modifié par charles ingals
Lien vers le commentaire
Partager sur d’autres sites
mike80 Member

mike80

Posté(e)
  • Auteur
Posté(e)

Voici les symptomes remarqués depuis quelques jours :

 

Ily a deux semains a peine , mon pc a redémarré tt seul 3 fois de suite a qques minutes d'intervalle, puis m'a affiché une connexion a un débit divisé par 2 par rapport a avant ( de 8 MO --> 4 Mo à peine) !

Je l'ai donc redémarré manuellement et la connexion est revenue a un débit de 8 Mo .

Seulement depuis ce problème , mon pc rame énormément !!

Je ne comprends pas !

mike

Lien vers le commentaire
Partager sur d’autres sites
Jack_Burton Godlike Member

Jack_Burton

Posté(e)
Posté(e) (modifié)

Mike, ne fais pas de multi post je te prie!

Pour reprendre ou completer un message clique sur [editer] en bas de la fenetre de ton message précédent!

 

au fait , je scan avec quoi ?

antivir , ewido , ?

 

Avec Ewido, bien qu un petit scan antivir en mode sans échec ne te ferait pas de mal :P

Modifié par Jack_Burton
Lien vers le commentaire
Partager sur d’autres sites
mike80 Member

mike80

Posté(e)
  • Auteur
Posté(e)

Voici comme convenu 3 scan: EWIDO , ANTIVIR et HIJACKTHIS tous les 3 en mode ss échec :

 

---------------------------------------------------------

ewido security suite - Rapport de scan

---------------------------------------------------------

 

+ Créé le: 15:14:34, 17/10/2005

+ Somme de contrôle: 68EF8F1B

 

+ Résultats du scan:

 

HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc -> Spyware.WebSearch : Erreur durant le nettoyage

HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc\Enum -> Spyware.WebSearch : Erreur durant le nettoyage

C:\Documents and Settings\Delphine\Cookies\delphine@adtech[2].txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder

C:\Documents and Settings\Delphine\Cookies\delphine@atdmt[2].txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder

C:\Documents and Settings\Delphine\Cookies\delphine@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder

C:\Documents and Settings\Delphine\Cookies\delphine@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder

C:\Documents and Settings\Delphine\Cookies\delphine@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder

C:\Documents and Settings\Delphine\Cookies\delphine@weborama[2].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder

C:\Documents and Settings\Delphine\Cookies\[email protected][1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder

 

 

::Fin du rapport

 

------------------------------------------------------------------------------------

 

 

Creation date of the report file: lundi 17 octobre 2005 14:03

 

AntiVir®/XP (2000 + NT) PersonalEdition Classic

Build 1068 of 21.09.2005

Mainprogram 6.32.00.07 of 16.09.2005

VDF file 6.32.0.88 (0) of 16.10.2005

 

 

This program is for PERSONAL USE only.

Any other use is PROHIBITED.

Informations regarding commercial versions of AntiVir may be obtained from:

www.hbedv.com.

 

 

Scanning for 231606 virus strains and unwanted programs.

 

Licensed for: AntiVir Personal Edition

Serial number: 0000149991-WURGE-0001

 

Please enter the workstation and

contact name with phone number in this form:

 

Name ___________________________________________

 

Street ___________________________________________

 

Town ___________________________________________

 

Phone/Fax ___________________________________________

 

Email ___________________________________________

 

Platform: Windows NT Workstation

Windows version: 5.1 Build 2600 (Service Pack 2)

Username: Delphine

Computername: DELF

Processor: Pentium

Working memory: 458224 KB free

 

Version information:

AVWIN.DLL : 6.32.00.04 561192 16.08.2005 10:22:36

AVEWIN32.DLL : 6.32.0.6 832000 28.09.2005 14:10:40

AVGNT.EXE : 6.32.00.00 168039 29.07.2005 10:19:28

AVGUARD.EXE : 6.32.00.06 207912 07.09.2005 16:34:50

GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:12

AVGCMSG.DLL : 6.32.00.00 258165 29.07.2005 10:19:30

AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16

AVPACK32.DLL : 6.31.01.07 327720 07.09.2005 09:08:28

AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20

AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 18:10:22

AVSched32.EXE : 6.32.00.01 110632 21.09.2005 11:14:42

AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:12

AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50

AVRep.DLL : 6.32.00.80 1421352 16.10.2005 16:37:18

INETUPD.EXE : 6.32.00.05 254011 16.08.2005 16:46:10

INETUPD.DLL : 6.32.00.05 143360 16.08.2005 16:46:10

CTL3D32.DLL : 2.31.000 27136 30.08.2002 14:00:00

MFC42.DLL : 6.02.4131.0 1028096 20.08.2004 01:09:30

MSVCRT.DLL : 7.0.2600.2180 (xpsp_sp2_rtm.0408

MSVCRT.DLL : 7.0.2600.2180 343040 20.08.2004 01:09:34

CTL3DV2.DLL : 2.31.000 27632 17.12.1996 00:00:00

 

Configuration file:

 

Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI

Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG

Start path: C:\Program Files\AVPersonal

Command line:

Start mode: unknown

 

Mode of report file:

[ ] Do not create report

[X] Overwrite report

[ ] Append new report

 

Data in report file:

[X] Infected files

[ ] Infected files with paths

[ ] All scanned files

[ ] Full information

 

Abridge report file:

[ ] Abridge report file

 

Warnings in report:

[X] Access denied/file locked

[X] Wrong file size in directory

[X] Wrong creation time in directory

[ ] COM file is too large

[X] Invalid start address

[X] Invalid EXE header

[X] Possibly damaged

 

Summary report:

[X] Create summary report

Output file: AVWIN.ACT

Maximum number of entries: 100

 

Where to search:

[X] Memory

[X] Boot record of selected drives

[ ] Report unknown boot sectors

[X] All files

[ ] Program files

 

Response in case of a detection:

[X] Repair with prompt

[ ] Repair without prompt

[ ] Delete with prompt

[ ] Delete without prompt

[ ] Write in report file only

[X] Acoustic alarm

 

Response in case of destroyed files:

[X] Delete with prompt

[ ] Delete without prompt

[ ] Ignore

 

Response in case of destroyed files:

[X] No change

[ ] Current system time

[ ] Correct date

 

Drag&drop settings:

[X] Scan subdirectories

 

Profile settings:

[X] Scan subdirectories

 

Archive options

[X] Search archive

[X] Archive types to leave out

1000 1001 1002

 

Miscellaneous options:

Temporary path: %TEMP% -> C:\DOCUME~1\Delphine\LOCALS~1\Temp

[X] Overwrite infected files

[ ] Detect idle time

[X] Allow interruptions of scan

[ ] Load AVWin®/NT Guard on System start

 

General settings:

[X] Save options on exiting AntiVir

Priority: medium

 

Drives:

A: Floppy drive

C: Hard disk

D: CD-ROM

E: CD-ROM

F: Floppy drive

 

Start of scan: lundi 17 octobre 2005 14:03

 

Memory test OK

Master boot record of hard disk HD0 OK

Master boot record of hard disk HD1

The record could not be read!

Error code: 0x0015

Boot record of drive C: OK

 

 

C:\

pagefile.sys

Access denied! Error during file opening!

This is a Windows swap file. This file is locked by Windows.

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson

user.dmp

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery

Altnet.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

Altnet1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

Altnet2.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

Altnet3.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

Altnet4.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

Altnet5.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

Altnet6.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite10.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite11.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite12.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite13.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite14.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite15.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite16.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite17.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite18.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite19.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite2.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite20.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite21.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite22.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite23.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite24.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite25.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite26.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite27.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite28.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite29.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite3.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite30.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite31.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite32.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite33.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite34.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite35.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite36.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite37.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite38.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite39.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite4.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite40.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite41.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite42.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite43.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite44.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite45.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite46.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite47.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite48.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite49.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite5.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite50.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite51.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite52.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite53.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite54.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite55.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite56.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite6.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite7.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite8.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

BackWeblite9.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

CommonName.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

ConnectMFCApplication.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

DSOExploit.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

DSOExploit1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

DSOExploit2.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

DSOExploit3.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

DSOExploit4.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

eGroupInstantAccess.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

GAINGator.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

GAINGator1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

GAINGator2.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

HuntBar.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MagicControlAgent.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MagicControlAgent1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MagicControlAgent2.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MagicControlAgent3.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar10.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar2.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar3.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar4.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar5.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar6.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar7.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar8.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

MyWayMyBar9.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

SumomA.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

SumomA1.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

WindowsSecurityCenterAntiVirusDisableNotify.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

WindowsSecurityCenterAntiVirusOverride.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

WindowsSecurityCenterFirewallDisableNotify.zip

ArchiveType: ZIP

NOTE! The whole archive is password protected

C:\Documents and Settings\Delphine

NTUSER.DAT

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

ntuser.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\Delphine\Bureau\DELPHINE\MUSIQUES\ZZ CLASSIQUE\Classic - Orff - Carmina Burana - Philarmonia Chorus, Southend Boys'choir, Philadelphia Orchestra, dir. Riccardo Muti (mp3)

Orff - Carmina Burana - 09 - Reie Swaz hie gat umbe chume.mp3

Access denied! Error during file opening!

Error code: 0x0016

WARNING! Access error/file locked!

C:\Documents and Settings\Delphine\Bureau\Incoming bis 3,95 Go\Nouveau dossier POUR SYLVAIN\Best Sampler Ever #5 - Madrugada, Audioslave, System Of A Down, Ryan Adams, Eels, Sarah Bettens, Arcade Fire, Robocop Kraus\Various\GreenGreenGreen

01-Fink - Dies Für Dich.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

02-Zita Swoon - Thinking About You All The Time.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

03-Kashmir - Melpomene.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

04-Elliott - Blessed By Your Own Ghost.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

05-Niels Frevert - Wohin.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

06-Audioslave - Doesn't Remind Me.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

07-Die Goldenen Zitronen - Meine Kleine Welt.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

08-Babe The Blue Ox - Can't Stand Up.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

09-The House of Love - Love You Too Much.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

10-Eels - Trouble With Dreams.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

11-The Robocop Kraus - In Fact You Are Just Fiction.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

12-U2 - Tomorrow.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

13-The Arcade Fire - Crown of Love.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

14-Nick Cave And The Bad Seeds - Under This Moon.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

15-Ed Harcourt - She Fell Into My Arms.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

16-Bright Eyes - No Lies, Just Love.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

17-Ryan Adams - Meadowlake Street.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

18-Sarah Bettens - Grey.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

19-The Notwist - The String.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

20-Nine Inch Nails - Right Where It Belongs.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

C:\Documents and Settings\Delphine\Bureau\Incoming bis 3,95 Go\Nouveau dossier POUR SYLVAIN\Best Sampler Ever #5 - Madrugada, Audioslave, System Of A Down, Ryan Adams, Eels, Sarah Bettens, Arcade Fire, Robocop Kraus\Various\RedRedRed

01-System Of A Down - Bring Your Own Bombs.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

02-Karate - Need A Job.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

03-Keith Caputo - Razzberry Mockery.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

04-Janove Ottesen - Go Tell Her.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

05-Madrugada - On Your Side.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

06-Ghinzu - Do You Read Me.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

07-Nine Inch Nails - Every Day Is Exactly The Same.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

08-The Robocop Kraus - Fake Boys.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

09-The Magic Numbers - Forever Lost.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

10-Kristofer Åström - Midnight Sun.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

11-Logh - Destinymanifesto.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

12-Millionaire - Me Crazy, You Sane.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

13-Scumbucket - Traces & Things.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

14-The Soundtrack Of Our Lives - Black Star.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

15-Idlewild - Love Steals Us From Loneliness.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

16-Kungfu - Unsichtbar.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

17-The Gloria Record - The Arctic Cat.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

18-Elliott - Carry On.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

19-The God Machine - The Hunter.mp3

Access denied! Error during file opening!

Error code: 0x0002

WARNING! Access error/file locked!

C:\Documents and Settings\Delphine\Local Settings\Application Data\Microsoft\Windows

UsrClass.dat

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

UsrClass.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\Delphine\Local Settings\Temp

Perflib_Perfdata_348.dat

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\Delphine\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN

swflash[1].cab

ArchiveType: CAB (Microsoft)

--> swflash.inf

NOTE! Bad header

--> Flash8.ocx

NOTE! Bad header

--> GetFlash.exe

NOTE! Bad header

--> GetFlash.man

NOTE! Bad header

C:\Documents and Settings\NetworkService

NTUSER.DAT

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

ntuser.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows

UsrClass.dat

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

UsrClass.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Program Files\WinRAR

rarnew.dat

ArchiveType: RAR

NOTE! The archive is created by multiple volumes

Error! Could not change directory: System Volume Information

C:\WINDOWS

MEMORY.DMP

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\WINDOWS\system32\config

default

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

default.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SAM

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SAM.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SECURITY

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SECURITY.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

software

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

software.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

system

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

system.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

 

End of scan: lundi 17 octobre 2005 15:10

Time taken: 67:07 min

 

 

3790 directories were scanned

88066 files were scanned

62 warning messages were issued

0 files were deleted

0 files were repaired

0 detections

 

----------------------------------------------------------------------------------

 

Logfile of HijackThis v1.99.1

Scan saved at 15:15:28, on 17/10/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

-----------------------------------------------------------------------------------------

 

Y a-t-il quelque chose d'anormal ?

Lien vers le commentaire
Partager sur d’autres sites
Jack_Burton Godlike Member

Jack_Burton

Posté(e)
Posté(e) (modifié)

Re,

 

Y a-t-il quelque chose d'anormal ?

 

Il n y a rien d anormal!

Antivir n a rien trouvé, Ewido a juste supprimé des cookies traceurs (rien de grave, tout le monde s en chope en allant sur le net) et ton rapport Hijackthis est propre!!

Il va falloir s orienter sur une nouvelle voie car ton probleme ne semble pas venir d une infection virale!

 

 

Depuis ces redémarrages intempestifs, il rame comme jamais depuis que je l'ai !

On va faire en sorte de savoir d ou vient le probleme en faisant apparaitre un bel écran bleu la prochaine fois que ton pc plantera!

 

Lors d’un plantage, Windows 2000 & XP redémarre sans même afficher d’écran bleu. Or, ces derniers peuvent s’avérer utiles (pour les connaisseurs) pour déterminer l’origine du plantage.

 

Cette astuce ne permettra donc pas d’éviter le plantage du système !

 

 

    Faites un clic droit sur le Poste de travail puis sélectionnez Propriétés.

    Choisissez l’onglet Avancé et cliquez sur le bouton Paramètres dans la section Démarrage et récupération.

    Enfin, dans la section Défaillance du système, décochez la case Redémarrer automatiquement.

 

 

Voilà, au prochain plantage, Windows ne redémarrera pas stupidement sans vous donner les causes du bug.

Au prochain plantage tu nous feras un copié collé de ce que tu verras sur cet écran bleu, cela nous donnera une voie sur le probleme de ton systeme

Modifié par Jack_Burton
Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...